1 files changed, 2 insertions, 57 deletions

diff --git a/app/Api/Middleware/AuthenticationApiMiddleware.php b/app/Api/Middleware/AuthenticationMiddleware.php
index b16e10b8..8e309593 100644
--- a/app/Api/Middleware/AuthenticationApiMiddleware.php
+++ b/app/Api/Middleware/AuthenticationMiddleware.php
@@ -13,46 +13,8 @@ use Kanboard\Core\Base;
  * @package Kanboard\Api\Middleware
  * @author  Frederic Guillot
  */
-class AuthenticationApiMiddleware extends Base implements MiddlewareInterface
+class AuthenticationMiddleware extends Base implements MiddlewareInterface
 {
-    private $user_allowed_procedures = array(
-        'getMe',
-        'getMyDashboard',
-        'getMyActivityStream',
-        'createMyPrivateProject',
-        'getMyProjectsList',
-        'getMyProjects',
-        'getMyOverdueTasks',
-    );
-
-    private $both_allowed_procedures = array(
-        'getTimezone',
-        'getVersion',
-        'getDefaultTaskColor',
-        'getDefaultTaskColors',
-        'getColorList',
-        'getProjectById',
-        'getSubTask',
-        'getTask',
-        'getTaskByReference',
-        'getTimeSpent',
-        'getAllTasks',
-        'getAllSubTasks',
-        'hasTimer',
-        'logStartTime',
-        'logEndTime',
-        'openTask',
-        'closeTask',
-        'moveTaskPosition',
-        'createTask',
-        'createSubtask',
-        'updateTask',
-        'getBoard',
-        'getProjectActivity',
-        'getOverdueTasksByProject',
-        'searchTasks',
-    );
-
     /**
      * Execute Middleware
      *
@@ -68,11 +30,8 @@ class AuthenticationApiMiddleware extends Base implements MiddlewareInterface
         $this->dispatcher->dispatch('app.bootstrap');
 
         if ($this->isUserAuthenticated($username, $password)) {
-            $this->checkProcedurePermission(true, $procedureName);
             $this->userSession->initialize($this->userModel->getByUsername($username));
-        } elseif ($this->isAppAuthenticated($username, $password)) {
-            $this->checkProcedurePermission(false, $procedureName);
-        } else {
+        } elseif (! $this->isAppAuthenticated($username, $password)) {
             $this->logger->error('API authentication failure for '.$username);
             throw new AuthenticationFailureException('Wrong credentials');
         }
@@ -120,18 +79,4 @@ class AuthenticationApiMiddleware extends Base implements MiddlewareInterface
 
         return $this->configModel->get('api_token');
     }
-
-    public function checkProcedurePermission($is_user, $procedure)
-    {
-        $is_both_procedure = in_array($procedure, $this->both_allowed_procedures);
-        $is_user_procedure = in_array($procedure, $this->user_allowed_procedures);
-
-        if ($is_user && ! $is_both_procedure && ! $is_user_procedure) {
-            throw new AccessDeniedException('Permission denied');
-        } elseif (! $is_user && ! $is_both_procedure && $is_user_procedure) {
-            throw new AccessDeniedException('Permission denied');
-        }
-
-        $this->logger->debug('API call: '.$procedure);
-    }
 }